FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2012-1823

This CVE name corresponds to:

Entered Topic
2012-05-12 php -- multiple vulnerabilities
2012-05-05 php -- vulnerability in certain CGI-based setups

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2012-1823 at cve.mitre.org

Details

Type Candidate
Name CVE-2012-1823
Phase Assigned(20120321)

Description

sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case.

References

Source Reference
MISC http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/
CONFIRM http://www.php.net/ChangeLog-5.php#5.4.2
CONFIRM http://www.php.net/archive/2012.php#id2012-05-03-1
CONFIRM https://bugs.php.net/bug.php?id=61910
CONFIRM https://bugs.php.net/patch-display.php?bug_id=61910&patch=cgi.diff&revision=1335984315&display=1
CONFIRM http://support.apple.com/kb/HT5501
APPLE APPLE-SA-2012-09-19-2
HP HPSBMU02786
HP SSRT100877
HP HPSBUX02791
HP SSRT100856
REDHAT RHSA-2012:0546
REDHAT RHSA-2012:0547
REDHAT RHSA-2012:0568
CERT-VN VU#520827
CERT-VN VU#673343
SECTRACK 1027022
SECUNIA 49014
SECUNIA 49065
SECUNIA 49087
SECUNIA 49085

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.